Tag Archives: dcode ites

[MSSQLFUN & Decode ITeS becomes a family of 1500 individuals across the globe. Please join us onFacebook&YouTube.]

We will be discussion SQL Server Authentication and below topics:-

What is Authentication?

Type of authentication in SQL Server (SQL & Windows)

Windows Authentication

What is Windows authentication?

Advantages & Disadvantages

SQL Authentication

What is SQL authentication?

Advantages & Disadvantages

SQL Server Authentication Modes

What is Authentication?

Authentication, The process of identity verification of the user. In Laymen terms, Attention is the process to check “Who are you?”. It can be based on user-id & password or token-based or certificate-based. Authentication is the key to allow only authorized users can connect to access the data and system.

Only user with correct authentication details able to connect.

Type of authentication in SQL Server (SQL & Windows)

Microsoft supports 2 types of authentications, SQL, and Windows authentication. For each login created on SQL Server, it should be part of either authentication.

Windows Authentication

Windows Authentication depends on Active Directory (AD) to authenticate users before they connect to SQL. Windows auth use series of encryption to ensure no leak of sensitive data. It is the recommended authentication mode because AD is the best way to manage password policies and user and group access to applications in your organization. User Id and password stored in Active Directory. You can run SQL Server only on Windows Authentication called Windows Authentication Mode.

Advantages of Windows Authentication:

ü All in One Domain: When your environment is on one domain, both DB and application are hosting on the same domain. Windows authentication is the best and secure way of DB communication.

ü Password Policies: Windows logins must bear with password policies. Windows logins can not skip it. This makes the user password more secure and updated.

ü DBA relief: DBA no more needed to manage users and passwords. This task is completely managed by domain admins in windows auth.

ü Windows Group: Windows give functionality to create groups and that group can be added to SQL server to give access to all users in the group in one go.

Disadvantages of Windows Authentication:

ü No Control: DBA has no control over logins, it completely managed by domain admins.

ü Windows Group: Windows groups has a disadvantage as well because membership of the group is hidden to DBA. DBA will not be aware of who is part of groups or when users added or removed from the group.

SQL Authentication

SQL Server Authentication works by storing usernames and passwords in the “Master” database server. It can be used in situations where Active Directory is not available., but, whenever possible, use Windows Authentication exclusively. You can use SQL Server and Windows Authentication at the same time called Mixed Mode.

You can create multiple users under SQL authentication to provided different users different access as per their requirement.

Advantages of SQL Server Authentication

ü Legacy Application Support: You can keep using your legacy application with support of SQL authentication.

ü Vendor Application Support: Vendor or 3rd Party application which are not built specifically to use SQL Server can be used with SQL Server using SQL authentication

ü Cross Operating System: SQL authentication is best to use when the environment had multiple types of operating systems like Windows, Linux, etc.

ü No Domain \ Workgroup \ Non-Trusted Domain Environment: SQL authentication is best to use while working in No Domain, Workgroup, Non-Trusted Domain Environment where users cannot be authenticated using Windows domain controller.

Disadvantages of SQL Server Authentication:

ü Multiple User Name and Password for Users: Let’s consider a user who needs access to multiple database instances. In SQL authentication, the User will have separate login and password for each instance. This will be difficult to manage and annoying.

ü Multiple User Name and Password for DBAs to Manage: Let consider, You are a team of 5 DBAs and using 50 SQL Server instances. This lead to 250 user ID & Password management for DBA.

ü Enforcing Password Policy: SQL Server logins can be skipped from enforcing password policy. These lead to week passwords and no regular change of password.

ü Application or user pass SQL login and password to connect. This communication can be hacked and user id & passwords can be compromised.

SQL Server Authentication Modes

Based on available authentication types, SQL Server supports 2 types of authentication modes.

Windows Authentication Mode:- This is the default one and preferred from Microsoft.

Mixed Mode: Mixed mode supported Windows authentication along with SQL authentication. Both types (windows & SQL) logins can work under this model.

How to check the current authentication mode?

Right Click on Server Instance Name in Object Explorer > go to Properties > Security Tab

To change authentication mode, you can change the selection from this screen and click ok. This change needs SQL Service to restart to take into effect.

Like this:

[MSSQLFUN & Decode ITeS becomes a family of 1500 individuals across the globe. Please join us onFacebook&YouTube.]

Microsoft SQL Server Management Studio IDE (Integrated Development Environment) is a powerful GUI tool with a long list of features and options. SSMS is very useful and user friendly for all users like DBA, Developers, Testers, or Students.

When you lunch SQL Server Management Studio (SSMS), “Connect to Server” window pop up for server and credentials details by default for Database engine Server Type. In case, if don’t or you had closed or you want to connect other server types, You can open it from Object Explorer > Connect > Select Desired Server Type “Database Engine” as below.

Enter Server Name: SSMS prompts you to enter the SQL instance name to connect. It can be a local or remote SQL instance. In a live environment, one SSMS can be used to monitor and manage remote SQL instance for the complete connecting environment.

Select authentication Type and Enter User Details: After mentioning the SQL instance name, you need to select the authentication type. Windows authentication or SQL authentication. In windows, your currently used windows AD access will be used to connect or in SQL authentication, you will provide SQL login details. Once you fill all details, It will connect you with the mentioned instance.

To explore Server properties, Right Click on Instance Name and Click Properties. It will open windows with the list of server-level configuration and properties. You can review and make the required changes. Some Major and mostly used configuration from server properties:-

Results in File (You will prompt to select a location to save the file with execution results)

Intellisense: SSMS IntelliSense is an interesting feature, this provides runtime suggestions for object names and reduce query-writing time. Intellisense populates all objects in the buffer and shows then as an option.

Estimated & Actual Execution plan of queries

Lunch other SQL Server tools like SQL Profiler \ DTA

Activity Monitor: Activity Monitor can be started by right click on instance name. It’s a GUI monitoring wizard for activities & sessions running on the server.

You can drill down multiple options on Activity Monitor Page for details of each segment.

List of features and option in SSSMS is countless, I suggest to download and install it to explore.

Step 3: Go to Installation option and click “New SQL Server stand-alone installation or add features to an existing installation”

Step 4: Select free edition you like to install. The single setup gives you the option of Evaluation \ Developer \ Express edition to install. As discussed in my previous blog Understand SQL Server Editions and Components (YouTube), SQL Server Developer / Evaluation / Express is free to use editions with fewer limitations and restrictions.

Step 5: Accept EULA (End User License Agreement)

Step 6: Setup will perform some rule check before proceeding. In case of any issues, It will stop and ask you to rectify it.

Step 7: Microsoft gives you the option of automatic update of SQL Server with the latest security and other important updates along with windows. I suggest skipping it because it’s not recommended for Production systems and requires the internet which is very rare for servers due to security concerns.

Step 8: In case you accept for Microsoft Update in the previous step and system has internet connectivity, Setup will check available SQL Server upgrades. Setup will download those upgrades (SP, CU) and install them with SQL Setup installation. This will save you the time of separate installation. You try this on the local system and again as mentioned above, not recommended for production systems.

Step 9: Setup will install some installation files before to begin the actual installation

Step 10: Setup will run installation rules \ checks. In case of any issues, it will stop and ask you to rectify it.

Step 11: Feature Selection. In the current window, You can select the features you like to install. For the demo, We will install all versions. These windows will also show the space requirement for setup installation based on features selected. Also, you can change the installation and shared feature directory as per your requirements.

Step 12: Based on the selected features, Setup will run a rule checker.

Step 13: SQL instance name. SQL gives you the option of default or named SQL Server instance. Once the system can have only one default instance and multiple names instance. We will install the named instance today. This window will also review your system and display any previously installed SQL Server instances on your system.

Step 14: PolyBase Configuration, You can leave it as it is and move to next.

Step 15: Select features need JAVA, You can allow setup to install JAVA or mentioned Java path in the case already installed.

Step 16: Server Configuration – Service Account Window.

You can change the service account of any services and start-up type

As per your requirement, Select “Grant Perform Volume Maintenance Task to SQL Service Account”. In Case of service, the account is part of the local admin group this will by default assigned else recommended to provide it.

Step 17: Server Configuration – Collation Window. SQL Server selects collation based on default language and location of the system, you can change it as per your requirements. I suggest not to change it without testing and confirmation. This will decide how SQL Server will deal with tests. Case sensitive or case insensitive means upper caps & small caps will be treated equally or differently OR Data will be sorted in ascending order or descending order.

Step 20: Database Engine Configuration – TempDB. TempDB is crucial for database performance. Microsoft adds the option to configure TempDB as per best practices or as per your requirements with the installation. This will ease up the DBA task after server installation.

Step 21: Database Engine Configuration – MaxDOP. I will suggest to leave it on default value and change it after proper DBA recommendation and application testing.